PHPackages c0defusi0n/security-scanner - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. c0defusi0n/security-scanner ActiveMagento2-module[Security](/categories/security) c0defusi0n/security-scanner =========================== Security scanner to detect malicious code in Magento 2 1.0.0(1y ago)0241MITPHPPHP ~8.1.0||~8.2.0 Since Mar 25Pushed 1y ago1 watchersCompare [ Source](https://github.com/c0defusi0n/SecurityScanner)[ Packagist](https://packagist.org/packages/c0defusi0n/security-scanner)[ RSS](/packages/c0defusi0n-security-scanner/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (1)Versions (2)Used By (0) Security Scanner for Magento 2 ============================== [](#security-scanner-for-magento-2) [![Latest Stable Version](https://camo.githubusercontent.com/aab6da2ec95978f09b6df69327d6648d4248f168af2e049db4442fddc15defff/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6330646566757369306e2f73656375726974792d7363616e6e65722e737667)](https://packagist.org/packages/c0defusi0n/security-scanner)[![Total Downloads](https://camo.githubusercontent.com/33c5b72b612a3d823c8e7ddaa905a8abc414edc9c5b22e9c1ffc87c5af5222e5/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6330646566757369306e2f73656375726974792d7363616e6e65722e737667)](https://packagist.org/packages/c0defusi0n/security-scanner)[![License](https://camo.githubusercontent.com/014d7b7d39971319cbb2a3f51b5b292b91f88d2c1447636f74c1c4614bc107fe/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f6330646566757369306e2f73656375726974792d7363616e6e65722e737667)](https://github.com/c0defusi0n/security-scanner/blob/master/LICENSE) The Security Scanner module for Magento 2 helps you automatically detect potentially malicious code in your Magento CMS blocks. It can alert you via email and Telegram notifications when suspicious code patterns are detected, enhancing your store's security posture. Features -------- [](#features) - Scheduled security scans to detect malicious code patterns in CMS blocks - Configurable scan frequency (hourly, daily, weekly, etc.) - Email notifications for security alerts - Telegram bot integration for instant notifications - Customizable malicious code detection patterns - Admin panel for easy configuration - Command line interface for manual scans Installation ------------ [](#installation) ### Via Composer (Recommended) [](#via-composer-recommended) ``` composer require c0defusi0n/security-scanner bin/magento module:enable C0defusi0n_SecurityScanner bin/magento setup:upgrade bin/magento setup:di:compile bin/magento setup:static-content:deploy bin/magento cache:flush ``` ### Manual Installation [](#manual-installation) 1. Download the ZIP file from the [GitHub repository](https://github.com/c0defusi0n/security-scanner/) 2. Extract the contents into `app/code/C0defusi0n/SecurityScanner/` directory 3. Run the following commands: ``` bin/magento module:enable C0defusi0n_SecurityScanner bin/magento setup:upgrade bin/magento setup:di:compile bin/magento setup:static-content:deploy bin/magento cache:flush ``` Configuration ------------- [](#configuration) 1. Go to **Stores > Configuration > Security Scanner** 2. Configure the following options: ### General Configuration [](#general-configuration) - **Enable Scanner**: Enable or disable the security scanner - **Scan Frequency**: Set how often the scanner should run ### Email Notifications [](#email-notifications) - **Enable Email Notifications**: Turn on/off email alerts - **Email Sender**: Configure the sender of email notifications - **Email Recipients**: Set the email addresses to receive notifications (comma separated) - **Send Clean Reports**: Option to receive reports even when no issues are detected ### Telegram Notifications [](#telegram-notifications) - **Enable Telegram Notifications**: Turn on/off Telegram alerts - **Telegram Bot Token**: Set your Telegram bot API token - **Telegram Chat ID**: Set the chat ID where notifications should be sent - **Test Telegram Connection**: Test button to verify your Telegram configuration ### Malicious Code Detection Patterns [](#malicious-code-detection-patterns) - **Custom Patterns**: Add your own regular expressions to extend detection capabilities Usage ----- [](#usage) ### Automatic Scans [](#automatic-scans) Once configured, the module will automatically scan your CMS blocks based on the frequency settings you've specified. If suspicious code is detected, you'll receive notifications via the channels you've enabled. ### Manual Scan via CLI [](#manual-scan-via-cli) You can also trigger a security scan manually using the command line: ``` bin/magento c0defusi0n:security:scan ``` Customization ------------- [](#customization) ### Adding Custom Detection Patterns [](#adding-custom-detection-patterns) You can add your own regular expressions to detect specific patterns of malicious code through the admin configuration or by extending the module. ### Extending Email Templates [](#extending-email-templates) The module includes customizable email templates for security alerts and clean reports, which can be modified through the Magento admin panel under **Marketing > Email Templates**. Internationalization -------------------- [](#internationalization) The module supports multiple languages through Magento's translation system. English translations are included by default, and French translations are available. Requirements ------------ [](#requirements) - PHP 8.1 or higher - Magento 2.4.x Support ------- [](#support) For bug reports and feature requests, please use the [GitHub issue tracker](https://github.com/c0defusi0n/security-scanner/issues). License ------- [](#license) This module is licensed under the MIT License - see the [LICENSE](LICENSE) file for details. Contributors ------------ [](#contributors) - [c0defusi0n](https://github.com/c0defusi0n) - *Initial work* Changelog --------- [](#changelog) ### 1.0.0 [](#100) - Initial release - Added CMS block scanning - Added email and Telegram notifications - Added admin configuration - Added CLI command ### Health Score 32 — LowBetter than 71% of packages Maintenance48 Moderate activity, may be stable Popularity14 Limited adoption so far Community7 Small or concentrated contributor base Maturity49 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 410d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/72e3a605aff706f93c6bdfcd6157c3ea5fdd16fc1011aad7162d6e0bd2c40629?d=identicon)[C0defusi0n](/maintainers/C0defusi0n) --- Top Contributors [![c0defusi0n](https://avatars.githubusercontent.com/u/204182408?v=4)](https://github.com/c0defusi0n "c0defusi0n (1 commits)") --- Tags securitymagentoscannermagento2malware ### Embed Badge ![Health badge](/badges/c0defusi0n-security-scanner/health.svg) ``` [![Health](https://phpackages.com/badges/c0defusi0n-security-scanner/health.svg)](https://phpackages.com/packages/c0defusi0n-security-scanner) ``` ### Alternatives [enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker)[scr34m/php-malware-scanner Scans PHP files for malwares and known threats 59549.5k](/packages/scr34m-php-malware-scanner)[psecio/parse A PHP Security Scanner 38070.3k1](/packages/psecio-parse)[psecio/versionscan A PHP version scanner for reporting possible vulnerabilities 25156.4k1](/packages/psecio-versionscan) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)